How QBASIC almost got me killed

Posted five years ago

Back in high school, I had too much free time, so I decided to play a joke on my computer teacher. I created an exact clone of the school's DOS system using QBasic. It would pretend to execute three commands: DIR, DEL *.*, and FORMAT.
The simulation was so realistic that during development, I was kicked out of the lab. Usually students would be playing Secret Agent or Jill of the Jungle.

The day arrived when my project was ready to be unleashed upon the world. I waited until the teacher was hovering nearby and then I started my application, running the FORMAT command on the network drive. Some classmates were watching the screen and she hurried over to see what all the fuss was about.

The reaction was immediate. She stared at the screen, eyes wide open, and mouth agape, as the terrible seconds ticked by. At that moment I regretted my deception and tried to abort the demo. But QBasic didn't understand CTRL-C during the SLEEP command. Pressing CTRL-C just interrupted the current SLEEP, so it caused the percentage to advance faster. I had to hold down the abort keys and wait until it advanced to 100% before I could prove that everything was really okay.

OMG. I did this same thing back when I was about 20... I had a friend that was very anal about his files on this PC... he wouldn't even let the machine boot into windows - he always had to start it manually - so I built a similar DOS emulation - complete with line buffer so edits were done in the program - and after running a random number of DOS commands via passthru, it would fake the format, reading a text file on the drive to make the light blink with each percentage, and once formatted it would intercept all commands and either give the file not found or for DIR commands, it gave a fake empty structure with the appropriate size in bytes for the drive. He freaked out and was ready to jump on me until I told him to just hit ctrl-c, and then he still was so angry he didn't talk to me for days... but the reaction was priceless nonetheless... Thanks for sharing this and letting me relive those glory days again lol

During a maths exam when I was at school, we had these graphical calculators, and before the exam the teacher would come past and make sure we all cleared the memory, so we couldn´t store equation solutions and what not.

It had a simple form of basic, so I wrote an program that emulated the clear memory function. It worked like a charm, the teacher never suspected anything.

I friend of mine stayed home from highschool one day (this was in '96, the days when a network printer driver could crash NT 4) and I was chatting with him via IRC while in the computer lab. Each computer had sequentially assigned public IP address. He asked me what my IP address was, after I told him, he said "look to your left". The 6 desktops all flashed a blur screen of death. Then he said, "now to the right". Again 6 workstations (the computers where all against the wall in a big U shape, the teacher was included in that IP address assignment scheme and I was sitting 5 seats away from her. I remember begging my friend to crash my computer. The sight of half the classroom with blue screens while I'm doing fine. I laugh about it now but man at the time I was so scared I would get blamed for it. Good times thouse 90's :)

this is sooooo epic!!! haha reminds me of my teen years, i sort of did the same thing, recreating a dos shell in QBASIC. I named it ' kut-dos' which is dutch for 'cunt-dos' and auto-runned it on every computer in the school lol, they couldn't do anything without my password. It actually wrote a .bat script that rewrote the autoexec.bat after running the command (but not before the user typed the dutch equivalent to 'i give praise to Michael' :D

Got me sent to the dean and almost kicked out of school lol! Haha good times with QBASIC :D

Fun times! I did something similar in grade 11 to capture a user's password ... since my teacher assured me that if I could edit my grade to be 100%, she would let me keep the grade. My "program" emulated the login screen and continually gave the invalid username / password error, piping the entered username/pwd to a file on the network. But when I tested it on a fellow classmate, she freaked out and the teacher came over just in time to see me Ctrl-C : /

I did something similar with Visual Basic. It was a small popup that said something along the lines of "Are you sure you want to delete all files in C:Windows". The victim (my grandpa) naturally went for the cancel button but then the mouse would wig out and go straight for the OK button. I thought it was pretty funny to watch him yank the power cord from the wall in a panic as the progress bar worked it's magic. He didn't think that the two hours of work he lost in the prank was very funny and now I know just how volatile my grandpa's temper is.

Damn, I did not realize so many people have done similar things using QBasic.

I did something similar, but the reason was different. We were using PS/2 machines as dumb terminals to connect to a terribly underpowered IBM RS6000 unix server where our source code, compilers, etc... were stored. Having to use VI to edit code on a machine with not enough memory was ok when only one or two students were connected, but as soon as the 15 of us were connected and compiling, it become a nightmare to edit and save. Easy solution: Run something like the Turbo Pascal editor to edit the Cobol sources, then copy to the unix server, launch the compilation and continue to edit the source code on the PC while it compiles.

Except we were not allowed to save anything on the PC at all, and we were forbidden to bring any floppies. My solution was to reprogram fake dos commands (like DIR and CD) using compiled QBasic, calling the real DIR command (patched to DYR in CMD.EXE) and filter the output to hide the location of a hidden folder deep in the IBM AIX software. I installed that one evening when the teacher was sick, and I've been able to use Turbo Pascal and other cool tools and games (to play while things compiled) for two years in a row :)

Funny thing is that I was storing the output of all commands in a log file, so I was able to see what people were typing on the computer, allowing me to see exactly how the teacher was looking for unauthorized software. One day I noticed that there was a lot of strange command, and remembered that the day before IBM people came to "upgrade the AIX version", I quickly found out they also were looking for unauthorized installations of IBM software, and based on the time stamp they spent about 3/4 of their (expensively billed) time doing that...

So i wrote a QBasic fake. Once he typed QBasic at the command prompt, the program told him to insert his floppy disk, and when he inserted it, the program did a DIR on his floppy disk, and deleted my program if it found the filename.

The guy looked at me like someone from another planet henceforth...lol

Since everyone's telling old stories, in school a long time ago I made a DOS memory resident program that took over INT13 and ignored all disk write commands but passed through all read commands. And SmartDrive would cache all write commands thinking they worked.

The result was you could delete a file and it would appear to be lost if you entered "DIR", in real DOS, until smartdrive flushed it's cache or you rebooted the machine.

You could also run the actual FORMAT command, running for real, but the disk data would be intact afterwards.

In the early 90s I worked as a computer tech at Ontario Provincial Police headquarters, which was in downtown Toronto at that time.

OMPPAC (Ontario Municipal and Provincial Police Automation Cooperative) was rolled out during my tenure. It ran on XT-class PCs connected via token ring to communication servers and then to the tandem via 9600 baud async connections. It was a character-based application with an opening screen that spelled out OMPPAC diagonally across the screen in large letters composed of each character, and a bitmapped OPP symbol.

I wrote a QB4 program in 1989 or so that mimiced this screen in graphics mode. As soon as you hit a key, a pacman character appeared at the top left and started munching the screen up a row at a time, with pc speaker "Jaws" music. When it reached the end, the screen flashed postitve/negative a few times and then was overwritten with OMPPAC-MAN!!!, with accompanying musical "CCEG.EG!!" fanfare.

I installed this on the demonstration machine just before a meeting of some of the top brass, superintendents and inspectors. I subsequently discovered that this is a group of people particularly immune to humour.

Luckily for me as a civilian employee at the time the fallout was not significant, but there were a lot of red faces and blustering, sputtering rage from those accustomed to barking orders and not getting egg on their faces.

The beauty of remote code exploits is that you can potentially use them to do anything.

Our school had a network of Acorn BBC computers that had a ROM for networking, called "Econet". The Econet ROM had built-in routines for copying blocks of data to or from an arbitrary memory location on a another computer and another for remotely executing a JSR instruction to an arbitrary memory location.

In my more constructive moments, I started working on a system that would allow a program to use the the memory of any number of computers on the network. But I never finished it.

I was terrible in high school. I figured out how to remotely raise BASIC errors, so I'd sit at the back of the computer room and send errors to people who were working on their programs. I'd use ridiculous phrases for errors, like "Incorrect number found" or "Text too short" or "Upper case E not valid at this location", and they'd be like "WTF, I never heard of that error! There isn't even an upper case E on that line!" (the error would break their program on whatever line happened to be executing at the time). Ahh, good times.

ah, great times. it almost counted as a "sport" to write alt+255 programs at my school.

so, alt+255 is an invisible, space-like character, but the great thing is, you could name files/scripts alt+255.exe/bat. and if you put them in c:\, you could add them to the autoexec.bat without one noticing it.

i used this to write a mockup virus scanner, that reported a virus (tequila!), then faked a system error and begann formatting. additionally, it set the dir command to search for andiasjd.sdj files by default, so if you just wrote "dir" afterwards, the response was "no files found".

my younger cousin (always my first victim, uh, beta tester then) began to cry. i still feel bad for this.

uh, and i especially love my mockup format:

"really format drive c? all data will be lost! (y/n)"

user types "n"

"warning: are you really sure you want to delete all data on drive c:? (y/n)"

When I was a kid (10 years old or so), I came across a program called LOVEDOS.

LOVEDOS gave every impression of being the normal DOS shell, except that the directories shown by "dir" clearly weren't your own, the files clearly weren't your own&mdash;And the computer was coming on to you, in various subtle and not-so-subtle ways. The only way to exit the program was to type "I love you" at c:\>

I did something like this during my junior high years...I learned this from my Step-Dad, who was a programmer. The difference is that I memorized some command lines and did it to the main computer in the computer lab...and BAMM...all computers down...oops.

In high school, I was party to a VMS/VAX command line simulation written in DCL; I wasn't the original author, but I tweaked it and deployed it on a few VAX terminals in the computer science lab.

The purpose of the program was to simulate the login prompt, record entered login credentials in a flat file, spit out an "incorrect login" error, and drop the user to the real login prompt transparently.

One of the difficulties was that DCL had no "clear screen" command like DOS, so we got around it by launching and immediately terminating the built-in "phone" application (which allowed you to have a split-screen chat with another luser on the system).

Though there was an extremely momentary flicker of a line across the screen (the split screen divider), nobody was ever the wiser.

Eventually our CS teacher discovered the app, searched the entire VAX for it (by name) and suspended all of the accounts he found it in!

I created a QBasic program that was an exact replica of the school's ASCII login screen. It would get the password, store it on the network drive, prompt an error message for about 1 second about a token ring malfunction, then restart the computer. I only used it on a couple of friends just to screw with them.....ah, good times.

I did the same thing (in Pascal) back in high school. My app initially showed a generic error message and every Y/N or Abort/Retry/Fail response you made would eventually lead you to a fake disk format. I never ran it at school but did get my Dad with it.

If you have a web site with a search function, you will rapidly realize that most mortals are terrible typists. Many searches contain mispelled words, and users will expect these searches to magically work. This magic is often done using levenshtein distance. In this article, I'll compare two ways of finding the closest matching word in a large dictionary. I'll describe how I use it on rhymebrain.com

At some point in your programming career you may have to go through a graph of items and process them all exactly once. If you keep following neighbours, the path might loop back on itself, so you need to keep track of which ones have been processed already.

How do you measure the "sortedness" of a list? There are several ways. In the literature this measure is called the "distance to monotonicity" or the "measure of disorder" depending on who you read. Here, I propose another measure for sortedness.